/awesome-npm

A curated list of awesome npm resources, tips, and best practices.

Awesome npm Awesome Lists

Buy Me A Coffee   Ko-Fi   PayPal   Stripe

A curated list of awesome npm resources, tips, and best practices.

Table of Contents

Official Resources

Package Management

  • npx: Execute Node.js packages directly without installing them globally.
  • yarn: Fast and reliable package manager alternative to npm.
  • pnpm: Fast, disk space-efficient package manager that uses hard links and deduplication.
  • Verdaccio: Lightweight private npm registry proxy.

Dependency Management

  • npm-check: Check for outdated, incorrect, and unused dependencies.
  • npm-outdated: Check for outdated dependencies in your project.
  • npm-audit: Detect and fix vulnerabilities in your dependencies.
  • dependency-cruiser: Analyze and visualize module dependencies in your project.

Development Workflow

  • npm scripts: Define custom scripts in the package.json file to automate tasks.
  • husky: Git hooks made easy for better commit messages, linting, testing, etc.
  • lint-staged: Run linters on staged files before committing.
  • npm-link: Create symlink between projects for local development.
  • npm-run-all: Run multiple npm scripts concurrently or sequentially.

Publishing Packages

  • Semantic Versioning: Guidelines for versioning your packages.
  • npm version: Bump package version according to semantic versioning.
  • np: A better npm publish command with additional features.
  • commitizen: Format commit messages using a consistent style.
  • Conventional Commits: A specification for adding human-readable meaning to commit messages.

Security

  • npm audit: Detect and fix vulnerabilities in your dependencies.
  • snyk: Identify, track, and remediate vulnerabilities in open source dependencies.
  • Node Security Platform: Continuous security monitoring and vulnerability management for Node.js applications.

Performance

  • npm ci: Clean install of dependencies for faster and reliable builds.
  • Bundlephobia: Find the cost of adding an npm package to your bundle.
  • size-limit: Control the size of your JavaScript bundles.

Tooling

  • nvm: Node Version Manager for managing multiple Node.js versions.
  • npx-create: Scaffold projects from any GitHub repo with a single command.
  • npm-check-updates: Upgrade your package.json dependencies to the latest versions.
  • npm-link-shared: Share a linked package across multiple projects.

Tips and Best Practices

  • Avoid Global Packages: Prefer local dependencies over global ones.
  • Use .npmignore: Exclude files from being published to the npm registry.
  • Scoped Packages: Use scoped packages for organization-specific modules.
  • Private Packages: Publish and consume private packages within your organization.
  • Avoid Deep Dependency Trees: Minimize the number of dependencies and their nested levels.

Contribute

Contributions are welcome!

License

CC0